RE: Windows 2003 Active Directory
- From: Rick Boza <rickb@xxxxxxxxxxxxxxx>
- To: Exchange List <exchangelist@xxxxxxxxxxxxx>
- Date: Mon, 07 Mar 2005 09:08:22 -0500
Actually it is valid - it just isn't reserved. People use it all the time
with no ill effects - the only way a Bad Thing is likely to happen following
the use of .local internally is if suddenly .local were a valid,
registerable TLD on the Internet.
That seems extremely unlikely - you should probably worry about a satellite
dropping on your head as a more likely occurrence.
The important point isn't so much what you use as your internal - rather
that you avoid using your external domain presence. Ideally you also want
to avoid using someone else's external domain name.
As for your email domain, which I suspect is the root of the question for
you, using a private internal name versus a different public domain has no
impact on your ability to receive and send mail as name@xxxxxxxxxxxxxxxxxx
The two are not related.
On 3/7/05 7:35 AM, "Steve Moffat" <steve@xxxxxxxxxx> wrote:
> http://www.MSExchange.org/
>
> DO NOT USE ".local" AS THE TLD.
>
> That is not a valid private use TLD:
>
> http://www.windowsitpro.com/Article/ArticleID/44818/44818.html
>
> "John Savill
> InstantDoc #44818
> John Savill's FAQ for Windows
>
> A. Companies often use a .local or .pvt TLD to name an AD tree. However,
> as I explain shortly, it's better to use a standard naming method--for
> example, create a name by using a subdomain of your company's DNS
> address space (e.g., if your company's DNS domain is ntfaq.com, you
> could name your AD tree ads.ntfaq.com). When you use this method,
> though, you must remember that the DNS information for the AD tree is
> hosted on internal DNS servers, not on your external DNS servers. This
> means that external users can't see information about your internal
> infrastructure because external users can access only the external DNS
> server, which has no information about your internal infrastructure.
> Alternatively, if you want to create a second-level name for your AD
> domain, reserve another name--for example, ntfaq.net--but don't set your
> AD domain to the same name as your external name, to avoid causing
> confusion in name resolution.
>
> If you're determined to use a nonstandard TLD in your domain name, avoid
> the use of .local or .pvt because they aren't reserved. Instead, use one
> of these reserved top-level domains:
>
> .test
> .example
> .invalid
> .localhost
> You can find more information about these names in Internet Engineering
> Task Force (IETF) Request for Comments (RFC) 2606. Remember, if you use
> these nonstandard DNS names, you can't obtain certificates from a
> third-party Certificate Authority (CA), which might cause problems for
> your organization."
>
> By the way, in using Windows Server 2003 AD, you can setup your domain
> as internal.example.moc and in DNS point the root domain example.moc at
> the external DNS server. That way, your internal DNS server will be
> responsible for internal.example.moc and all other example.moc queries
> will be sent to the configured external server.
>
> -----Original Message-----
> From: Dan HINCKLEY [mailto:danslists@xxxxxxxx]
> Sent: Monday, March 07, 2005 8:18 AM
> To: [ExchangeList]
> Subject: [exchangelist] RE: Windows 2003 Active Directory
>
> http://www.MSExchange.org/
>
> At 12:53 3/7/2005, you wrote:
>
>> This actually works and solves one problem. If you dont name your AD
>> domain to the name of actual domain name, then at times, machines go
>> out to look for that domain unless you have your domain ending with
>> .local., in a NATing scenario.
>>
>> In this scenario, you need to maintain separate servers for internal
>> and external.
>>
>>
>> Chand
>
> Chand,
>
> Can you point me to a URL with documentation on .local?
>
>>
>> ----------
>> From: Steve Moffat [mailto:steve@xxxxxxxxxx]
>> Sent: Monday, March 07, 2005 5:15 PM
>> To: [ExchangeList]
>> Subject: [exchangelist] RE: Windows 2003 Active Directory
>>
>> Absolutely
>>
>>
>> ----------
>> From: rahil [mailto:rahil.warang@xxxxxxxxx]
>> Sent: Monday, March 07, 2005 7:41 AM
>> To: [ExchangeList]
>> Subject: [exchangelist] RE: Windows 2003 Active Directory
>>
>> Dear Steve,
>> Are you sure on this
>>
>> -----Original Message-----
>> From: Steve Moffat [mailto:steve@xxxxxxxxxx]
>> Sent: Monday, March 07, 2005 3:28 PM
>> To: [ExchangeList]
>> Subject: [exchangelist] RE: Windows 2003 Active Directory
>>
>> You will have no problems using a .com for your internal domain.
>
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
> Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
> Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> World of Windows Networking: http://www.windowsnetworking.com Leading
> Network Software Directory: http://www.serverfiles.com
> No.1 ISA Server Resource Site: http://www.isaserver.org Windows Security
> Resource Site: http://www.windowsecurity.com/ Network Security Library:
> http://www.secinf.net/ Windows 2000/NT Fax Solutions:
> http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this MSEXchange.org Discussion List as:
> ExchangeMailingList@xxxxxxxxxx To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
> Report abuse to listadmin@xxxxxxxxxxxxxx
>
> The haggis is unusual in that it is neither consistently nocturnal nor
> diurnal, but instead is active at dawn and dusk (crepuscular), with occasional
> forays forth during the day and night.
>
>
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
> Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
> Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> World of Windows Networking: http://www.windowsnetworking.com
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 ISA Server Resource Site: http://www.isaserver.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this MSEXchange.org Discussion List as:
> rickb@xxxxxxxxxxxxxxx
> To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
> Report abuse to listadmin@xxxxxxxxxxxxxx
Other related posts:
